coturn: 4.5.1.3 -> 4.5.2 #109038

Merged
merged 1 commit into from Jan 15, 2021


@0x4A6F 0x4A6F commented Jan 11, 2021

Motivation for this change

Upgrade to 4.5.2.

Version 4.5.2 'dan Eider':
	- fix null pointer dereference in case of out of memory. (thanks to Thomas Moeller for the report)
	- merge PR 517 (by wolmi)
		* add prometheus metrics
	- merge PR 637 (by David Florness)
	    * Delete trailing whitespace in example configuration files
	- merge PR 631 (by Debabrata Deka)
	    * Add architecture ppc64le to travis build
	- merge PR 627 (by Samuel)
		* Fix misleading option in doc (prometheus)
	- merge PR 643 (by tupelo-schneck)
		* Allow RFC6062 TCP relay data to look like TLS
	- merge PR 655 (by plinss)
		* Add support for proxy protocol V1
	- merge PR 618 (by Paul Wayper)
		* Print full date and time in logs
		* Add new options: "new-log-timestamp" and "new-log-timestamp-format"
	- merge PR 599 (by Cédric Krier)
		* Do not use FIPS and remove hardcode OPENSSL_VERSION_NUMBER with LibreSSL
	- update Docker mongoDB and fix with workaround the missing systemctl
	- merge PR 660 (by Camden Narzt)
		* fix compilation on macOS Big Sur
	- merge PR 546 (by jelmd)
		* Add ACME redirect url
	- merge PR 551 (by jelmd)
		* support of --acme-redirect <URL>
	- merge PR 672 further acme fixes (by jemld)
		* fix acme security, redundancy, consistency
	- Disable binding request logging to avoid DoS attacks. (Breaking change!)
		* Add new --log-binding option to enable binding request logging
	- Fix stale-nonce documentation. Resolves 604
	- Version number is changed to semver 2.0
	- Merge PR 288 (by Hristo Venev)
		* pkg-config, and various cleanups in configure file
	- Add systemd notification for better systemd integration
	- Fix Issue 621 (by ycaibb)
		* Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function
	- Fix Issue 600 (by ycaibb)
		* Fix: use-after-free vulnerability on write_to_peerchannel function
	- Fix Issue 601 (by ycaibb)
		* Fix: use-after-free vulnerability on write_client_connection function
	- Little refactoring prometheus
		* Fix c++ support
		* Simplify (as agreed in Issue 666)
			* Remove session id/allocation labels
			* Remove per session metrics. We should later add more counters.
	- Fix CVE-2020-26262 (credits: Enable-Security)
		* Fix ipv6 ::1 loopback check
		* Not allow allocate peer address 0.0.0.0/8 and ::/128
		* For more details see the github security advisory:
			https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@mweinelt added the "1.severity: security" and "9.needs: port to stable" labels Jan 11, 2021
@andir

andir commented Jan 11, 2021

FWIW: When we backport this to 20.09 please only backport the version change and not new features. Looking at the amount of changes it introduces it might be better to just apply https://github.com/coturn/coturn/commit/abfe1fd08d78baa0947d17dac0f7411c3d948e4d.patch

@SuperSandro2000

> please only backport the version change and not new features.

How do you plan to do this? Remove the code that requires the new libraries?

@0x4A6F

0x4A6F commented Jan 14, 2021

If this isn't a blocking issue for this merge request, maybe discuss this in #109043?

@SuperSandro2000

> If this isn't a blocking issue for this merge request, maybe discuss this in #109043?

I am not reading closed PRs.

@SuperSandro2000

Result of nixpkgs-review pr 109038 run on x86_64-darwin

1 package marked as broken and skipped:
  • coturn

@SuperSandro2000

This is a semi-automatically executed nixpkgs-review which does not build all packages (e.g. lumo, tensorflow or pytorch).
If you find some bugs or have suggestions for further things to search or run, please reach out to SuperSandro2000 on IRC.

Result of nixpkgs-review pr 109038 run on x86_64-linux

1 package built:
  • coturn

@SuperSandro2000 merged commit 14d1126 into NixOS:master Jan 15, 2021
@erictapen

Telling from the discussion, I'd assume this doesn't need a backport anymore.

@erictapen removed the "9.needs: port to stable" label Jan 16, 2021